Remote monitoring and control system for a barrier operator

ABSTRACT

The invention generally relates to a gateway device ( 102 ) that operates as a hub or base station to provide for remote monitoring and control of a barrier operator ( 104,106 ) such as is used to operate a powered garage door. The device ( 102 ) includes a processor; a data storage device; a network interface for connecting the gateway device to a computer network ( 114 ); an operator interface for communicating with the barrier operator; and a computer program, which when executed on the processor: permits access to the gateway device over the computer network by way of a mobile application installed on a mobile device ( 108 ); transmits control signals received over the computer network to the barrier operator ( 104,106 ); and receives monitoring signals from the barrier operator ( 104,106 ).

FIELD OF THE INVENTION

The invention relates to a remote monitoring and control system for abarrier operator. More particularly, embodiments of the invention relateto a remote monitoring and control system for a garage door or gateoperator, but the scope of the invention is not necessarily limitedthereto.

BACKGROUND OF THE INVENTION

Conventionally, barrier operators are used to drive barriers such asgarage doors and gates. The barrier operators can typically becontrolled by a handheld radio transmitter device within a relativelyshort operating range of the barrier and/or a wall switch connected tothe barrier operator.

In recent times, with the development of smart phones and PDAs (PersonalDigital Assistants), various remote control systems for controllingbarrier operators via the Internet have been developed. These remotecontrol systems provides the user with the convenience of operating abarrier from any location (e.g. from the office, or whilst travelling onholiday).

However, many of the current remote control systems on the market have anumber of shortcomings, including limited functionality, scalability orflexibility and/or poor security configurations in which the security ofthese systems may be relatively easily compromised, presentingsignificant risk to owners.

Embodiments of the invention provides a remote control and monitoringsystem for a barrier operator which addresses at least in part one ormore of the disadvantages or problems described above, or which at leastprovides the consumer with a useful choice.

In this specification, where a document, act or item of knowledge isreferred to or discussed, such a reference or discussion is not anadmission that the document, act or item of knowledge or any combinationthereof was at the priority date part of common general knowledge, orknown to be relevant to an attempt to solve any problem with which thisspecification is concerned.

SUMMARY OF THE INVENTION

According to one aspect of the invention, there is provided a gatewaydevice for remote monitoring and control of a barrier operator, thedevice including:

a processor;

a data storage device;

a network interface for connecting the gateway device to a computernetwork;

an operator interface for communicating with the barrier operator; and

a computer program, which when executed on the processor:

-   -   permits access to the gateway device over the computer network;    -   transmits control signals received over the computer network to        the barrier operator; and    -   receives monitoring signals from the barrier operator.

Preferably, the computer program is configured to execute a securityalgorithm requiring one or more client devices to register with thegateway device prior to accessing the gateway device over the computernetwork. The requirement for pre-registration of client devices with thegateway device provides improved security beyond the usual requirementfor accessing the gateway device by entering a username and passwordinto an application installed on the client device. Such a systembecomes compromised if an unauthorised third party was to obtain theusername and password, that can then be simply entered into theapplication to access the gateway. Such unauthorised access would not bepossible with the present invention, owing to the feature of clientdevice registration.

Typically, the computer program is configured to accept separateregistrations from individual client devices. The gateway device isconfigured to manage a unique list of registered devices that arecreated by the user of the gateway device.

Preferably, registration is effected by storage on the gateway device ofa unique client device identifier. Optimally, the client deviceidentifier is also stored on a remote Internet server in associationwith a unique gateway device identifier.

Typically, the computer program is configured to register clientdevice/s by:

creating a profile on the gateway device;

prompting the entry of the profile into the client device;

receiving the profile at the gateway device;

authenticating the client device against the profile; and

generating the unique client device identifier.

Alternatively, the computer program is configured to register clientdevice/s by:

creating a profile on the gateway device;

prompting the entry of the profile into the client device;

receiving the profile at the gateway device;

generating unique client device credentials; and

authorising the client device against the profile.

According to some embodiments, the profile includes a password.Preferably, the password is stored on the gateway device in hashed form.The password need not be stored on the client device.

The client device accesses the gateway device through an applicationthat is installed on the client device, with access to the applicationbeing controlled through the profile.

Optionally, the security algorithm is configured to transmitauthentication credentials to the client device during registration ofthe client device, the authentication credentials being stored on thegateway device and client device and being suitable for use by theclient device to access the gateway device.

Typically, the authentication credentials are transmitted to the clientdevice along with the unique client device identifier and the uniquegateway device identifier.

Typically, the gateway device is configured to receive control signalsfrom client devices having access to the gateway device over thecomputer network.

According to preferred embodiments, the gateway device authenticatescontrol signals received from the client device/s before transmittingthe control signals to the barrier operator.

According to preferred embodiments, the client device includes a timestamp with the control signal. This enables the gateway device to rejectcommand signals that are received outside of an appropriate timeframe.

Preferably, the gateway device is coupled to a Wi-Fi network in order tofacilitate access to the gateway device by client devices also connectedto the Wi-Fi network. According to preferred embodiments, the gatewaydevice is also in communication with an Internet server to facilitateaccess to the gateway device by client devices over the Internet. TheInternet server is configurable to mirror the state of the barrieroperator and registered client devices (or a subset thereof) that arestored on the gateway device.

Preferably, at least a subset of the authentication credentials aretransmitted to the Internet server from the gateway device after theclient device is registered with the gateway device.

Preferably, control signals received at the Internet server from aclient device are transmitted to the gateway device for authenticationprior to actioning by the barrier operator. This feature provides theadvantage that in the event of the Internet server being compromised,command signals that are transmitted to the gateway device from thecompromised server will not be actioned by the barrier operator.

Preferably, the computer program includes a module configured to receiveand store data from the barrier operator pertaining to the barrieroperator's operating characteristics. This combination of accessibilityof the barrier operator's operating characteristics to the gatewaydevice, and the ability to control and monitor the barrier operator fromthe gateway device, allows the gateway device to effectively function asa ‘virtual barrier operator’. Advantageously, configuration actions thatwere previously only available at the barrier operator (such as settingpart-open positions, code-setting new remote control transmitters,adjusting operating times and modes of operation) can be undertakenthrough the gateway device. Such configuration actions can be performedeither directly through the gateway device (by a user in physicalproximity to the gateway device, eg. by way of a user interface) or byremotely accessing the gateway device over the computer network from aclient device.

The gateway device may be configured to retain information in relationto the specific set up parameters for the barrier operator, andidentification information in relation to the mobile device. The gatewaydevice may be configured to control one or more barrier operators, andother peripheral devices including lights, sensors, and/or cameras. Inaddition, the gateway device may be configured to register the mobiledevice before allowing the mobile device to transmit control signals forcontrolling the barrier operator. The gateway device may be configuredto allow registration of one or more of mobile devices such that acontrol signal from any one of the mobile devices can be used to controlthe barrier operator

The gateway device may be configured through a user interface that isdisplayed on the client device by way of the installed application. thatis installed thereon. on the client device. The gateway device can bealso be provided with an interface display for communication with a userto receive configuration commands.

Alternatively or additionally, the gateway device may include aninterface display to allow a user to configure and/or control thebarrier operator directly. In one embodiment, the gateway deviceincludes a tablet device having a touch screen display for communicationwith a user.

The gateway device may include control circuitry for receiving,processing and transmitting information including control signals forcontrolling the barrier operator. Typically, the control circuitry ofthe gateway device communicates with the barrier operator wirelessly viaradio communication. More specifically, the frequency of the radiocommunication may be 915 MHz.

In one embodiment, the gateway device may include a touch screeninterface display, a Wi-Fi communications module, and a radiocommunications transceiver unit. The Wi-Fi communications module may beconfigured for connection with a local Wi-Fi router such that thegateway device functions as a HTTPS web server for secure communicationwith the mobile device when the mobile device is connected to the Wi-Finetwork.

According to one embodiment, the operator interface provides forwireless communication with the barrier operator.

The operator interface may include a radio frequency transceiver unitarranged to operate on 915 MHz frequency. This frequency provides asuitable communication range of approximately 50 m for most home, officeand industry applications. The transceiver unit may include memory forstoring rolling code counters, one or more unique IDs of transceivers ofone or more barrier operators registered with the gateway device, aunique ID of the gateway device, and one or more encryption keys.

The barrier operator may include a transceiver having a unique ID. Thegateway device may capture the unique ID of the barrier operatortransceiver to allow registration of the barrier operator with thegateway device during installation. The unique ID of the barrieroperator transceiver may be a serial number which is manually enteredinto the gateway device. Alternatively, the unique ID may be a code(such as a QR code) that is automatically captured by a data capturedevice on the client device (such as a camera) or gateway device (suchas a camera, infrared scanner, NFC scanner of the like).

When registering more than one barrier operator with the gateway device,the unique ID of a transceiver of each barrier operator will be capturedby the gateway device.

The gateway device may be configured to receive confirmation ofregistration from each barrier operator. In one embodiment, each barrieroperator may include a push button or other manually operable meanswhich can be activated manually to realise or to confirm registration.Alternatively, the transceiver of each barrier operator may beconfigured to send a confirmation wirelessly to the transceiver of thegateway device. The confirmation may be in the form of a confirmationpassword.

As noted above, the gateway device may be configured to allowregistration of one or more of mobile devices before the one or moremobile devices can be used to transmit control signals to the gatewaydevice. A password may be required for registration of a mobile devicewith the gateway device. Further detail regarding the registrationprocess is discussed below.

The gateway device may be configured to allow operating parameters ofthe barrier operator to be set via the interface display during setup,and changed eg. during service or repair operations. By way of example,some operating parameters may include open and close travel limitpositions for the barrier, timers for peripheral devices such as lights,and part open positions (e.g. prescribed barrier position for pet entry,pedestrian entry, parcel delivery, or ventilation).

The gateway device may be configured to provide a service menu forservice technicians of the barrier operator. The service menu may allowa technician to log in to a service account when performing a service onthe barrier operator such that each service is electronically logged inthe gateway device. In addition, the gateway device may be configured togenerate reminders for upcoming scheduled service dates for the barrieroperator.

The gateway device may also be configured to store an event log of allmonitoring signals detailing control events executed by the barrieroperator with the time and date of event execution. For example, acontrol event may be ‘garage door closed by Bob at 10:45 am 3 Jul.2014’. The event log can provide useful diagnostics information to aservice technician during maintenance and/or repair. Moreover, thegateway device can be configured to send notifications to the mobiledevice so as to alert the user, for example, of the execution of anevent, or a service reminder.

The gateway device is configurable to transmit push notifications to aclient device in response to the detection of status events with respectto the barrier operator. For example, the gateway device can beconfigured to transmit a push notification to indicate that the garagedoor connected to the barrier operator has been open for a prescribedtime period (eg. one minute), to provide a reminder to the user to issuea command to close the garage door.

The monitoring signals can include information that the barrier operatorhas received a command from a remote control transmitter other than thegateway device and what action was taken based on that command (forexample a status update ‘received a CLOSE command from remote controlnumber 1234567 and now closing’).

The gateway device can be configured to receive a command relayed fromthe barrier operator, said command being received from the remotecontrol without the command causing any action at the barrier operator(other than the reception and resulting status update). For example astatus update: ‘received gateway device command 1 from remote controlnumber 1234567 and door is (still) closed’. This allows the remotecontrol transmitter to activate a gateway device function that is notassociated with barrier operator which received it. For example acommand to operate a light or other garage door which is not registeredwith the remote control transmitter.

Typically, the mobile device communicates with the gateway device via amobile application installed on the mobile device. The mobileapplication may access an online web server when the mobile device isnot within range of the local Wi-Fi network. The mobile application mayalso directly access the gateway device over the Internet when out ofthe range of the local Wi-Fi network. Alternatively, the mobileapplication may access the gateway device through the Wi-Fi network whenin range.

The mobile application may generate a control interface based onsettings of the gateway device. In particular, the mobile applicationmay include a control function associated with each type of barrieroperator, and the mobile application may generate the control interfacebased on the number and type of barrier operators registered with thegateway device, such that the control interface includes a controlfunction for each barrier operator registered with the gateway device.

The mobile application may allow the mobile device to control barrieroperators at various different locations through communication with oneor more gateway devices. For example, the user of the mobile device maybe associated with one or more properties (e.g. home, office, holidayhouse, etc.) each installed with a remote control system and the usermay be able to use a single mobile device to communicate and controlbarrier operators in each property. The mobile application may requireseparate log in details for each gateway device (ie. each location).

Different mobile devices registered with a gateway device may beconfigured with different access privileges. For example, in anindustrial facility with many barrier operators and mobile devicesregistered with a gateway device, not all mobile devices will have fullaccess privileges to control all barrier operators. In other words, somemobile devices may only have access privileges to control some barrieroperators. The access privileges may be configured via the gatewaydevice.

Advantageously, the password of the mobile device user is not saved onthe online web server. This provides improved security for the system inwhich the password cannot be obtained by an unauthorised third party viathe online web server. In addition, even if the password were obtainedin some other manner by an unauthorised third party, the unauthorisedthird party would not be able to use the password to log in to theonline web server without the corresponding registered mobile device andaccess the gateway device to control the barrier operator.

The mobile application may provide video footage captured from a camera.The video footage may provide a view of a barrier associated with thebarrier operator. The mobile application may provide the video footagevia the gateway device or independently of the gateway device.

The mobile application may receive notifications from the gateway devicerelation to events of the barrier operator (e.g. ‘garage door opened byBob at 2 pm on 17 Jul. 2014’). The mobile application may have access toevent history logs for the barrier operator.

The remote control system may include one or more radio communicationtransmitters for sending control signals directly to the barrieroperator via radio communication. The barrier operator can therefore becontrolled using either the gateway device or the transmitter(s) viaradio communication, eg. in the event that the Wi-Fi network and/or theInternet is interrupted, compromised or out of operation.

In particular, the gateway device may be configured to communicate withthe barrier operator using multiple channels. When the gateway deviceneeds to send a control signal to the barrier operator, the transceiverof the gateway device may select a random channel for transmitting thecontrol signal, and determine whether to transmit the control signalbased on activity on the selected channel. The gateway device may selecta different channel if the previously selected channel is blocked. Thegateway device may transmit the control signal using a different channelif no acknowledgement is received from the barrier operator once thecontrol signal is transmitted. Moreover, the gateway device may generatean error message if no acknowledgement is received from the barrieroperator once one or more control signals are transmitted.

The transmitter may communicate with the barrier operator in the samemanner.

In one embodiment, the gateway device may allow the setting of vacationmode operation, in which the barrier operator will not respond to anycontrol signals, including those issued over the local Wi-Fi network orremote computer network. Typically, this is achieved by disabling thetransceiver in the barrier operator until the user switches the systemout of vacation mode.

According to other embodiments, the vacation mode is configurable so asto allow access modes to be selectively disabled. This allows accessfrom particular mobile devices or transmitters to be disabled, whilecontinuing to allow access from other devices. Preferably, the selectiveaccess vacation mode can be activated through the mobile application,but only deactivated after satisfying a higher security level.

The gateway device may communicate using rolling code and encryption viaradio communication with the barrier operator. The gateway device maycommunicate with the online web server via the local Wi-Fi network. Themobile device may communicate with the gateway device via the localWi-Fi network directly if the mobile device is within the range of theWi-Fi network, or indirectly through the online web server if the mobiledevice is outside of the range of the Wi-Fi network. The remote controlsystem may use HTTPS secure communication protocol. In particular, HTTPSconnections may be used for communication between the mobile device andthe gateway device, and between the gateway device and the online webserver.

According to another aspect of the present invention, there is provideda remote monitoring and control system, comprising:

-   -   a gateway device in accordance with the first aspect of the        invention; and    -   one or more barrier operators in communication with the gateway        device.

Preferably, the system includes a server device communicatively coupledto the gateway device through the Internet, the server device beingconfigured to allow client devices to securely access the gatewaydevice.

According to another aspect of the present invention, there is provideda method for remotely monitoring and controlling one or more barrieroperators, the method comprising the steps of:

-   -   providing a gateway device in accordance with the first aspect        of the invention; and    -   accepting registration of the barrier operator with the gateway        device.

Preferably, the method includes the step of transmitting a uniquegateway device identifier to an Internet server. According to preferredembodiments, the transmitting step is performed prior to registration ofany client devices or registration of a barrier operator. In a preferredembodiment, this is done before the gateway device is installed, eg.during factory setup or manufacture. This preset registration of eachgateway device to the Internet server that will then be used toimplement the invention provides an additional security measure.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention will now be further explained and illustrated by referenceto the accompanying drawings in which:

FIG. 1 is a schematic diagram of a remote control system for a barrieroperator according to one embodiment of the invention;

FIG. 2 is a flow diagram illustrating a method of registering a newmobile device user using the remote control system of FIG. 1;

FIG. 3 is a flow diagram illustrating a method of controlling a barrieroperator using a control signal transmitted from the mobile device afterregistration in accordance with the method of FIG. 2; and

FIGS. 4A to 4H are illustrations of a wireless application interface ona mobile device that is suitable for use with the remote control systemof the present invention.

DETAILED DESCRIPTION OF THE DRAWINGS Overview of the Remote ControlSystem

The remote control system 100 as shown in FIG. 1 includes a gatewaydevice 102 that connects barrier operators 104, 106 to a computernetwork. Gateway device 102 thus operates as a hub or base station forthe barrier operators, via which all monitoring signals and control andcommand signals are routed. As described below, once connected to thenetwork, barrier operators 104, 106 can be remotely monitored andcontrolled in a secure manner. Consistent with this secure connectionmethodology, gateway device 102 is configured to send control signals tobarrier operators 104, 106 for controlling their operation and toreceive monitoring data from the barrier operators 104,106. Gatewaydevice 102 is also used to set up and configure the barrier operators104, 106.

Whilst the present example illustrates the control system 100controlling two barrier operators 104, 106, it will be understood thatthe control system 100 can be configured to control any number ofbarrier operators in a similar manner.

Gateway device 102 is a networked device and includes a processor,memory, network interface and operating software stored on the memory(such as a Wi-Fi communications module for controlling the networkinterface and creating its own Wi-Fi network (i.e a functioning as a‘Wi-Fi hotspot’) to allow access to the gateway device). A web serverprogram is installed on gateway device 102.

In the illustrated embodiment, gateway device 102 is connected via thenetwork interface to a home network. The home network also includes aWi-Fi router 110 that is in turn connected to the Internet.

As described below, gateway device 102 can be accessed through a mobiledevice 108 with a suitable mobile application installed thereon (furtherdescribed below) When the mobile device is connected to the homenetwork, gateway device 102 can be accessed through the Wi-Fi router110. Alternatively, gateway device 102 can be accessed over theInternet, by way of an online web server 112 when the mobile device 108is not connected to the home network through the Wi-Fi router 110.Gateway device 102 is of course also accessible over the Internet byconnecting to web server 112 via a conventional wired Internetconnection.

Gateway device 102 includes a microcontroller and radio frequencytransceiver to enable it to transmit control signals to, and receivemonitoring and/or control signals from, barrier operators 104, 106.Barrier operators 104, 106 are also equipped with suitable transceiversfor communicating with the gateway device 102.

In turn, each of the barrier operators 104, 106 controls the operationof respectively barrier 1 and barrier 2, for example by issuing commandsfor opening, closing or stopping the barrier 1 or barrier 2. Barrieroperator 104 or 106 may also comprise devices such as lights, locks orposition sensors, or be used to control such devices via communicationwith the barrier operator.

The system 100 can be set to ‘vacation mode’ by selectively disablingthe transceiver in the barrier operators 104, 106.

The remote control system 100 further includes conventional transmitters116, 118 for transmitting control signals to control a respectivebarrier operator 104, 106 via radio frequency communication through areceiver. Barrier operators 104, 106 also include a radio transceiverfor communication with the gateway device 102.

Radio frequency communication between the gateway device 102 and barrieroperators 106, 106 occurs over a wireless device network (WDN).

The Gateway Device

The gateway device 102 provides a hub or access point to the system. Thegateway device has a unique gateway device identifier that is allocatedto the gateway device at the point of manufacture or factory setup.Details of the gateway device identifier are also transmitted to theonline web server 112 as part of the factory setup or manufactureprocess.

In addition to being accessible through mobile device 108, in oneembodiment gateway device 102 also includes a touchscreen displayprovided by an integrated or connected tablet device for directlyinterfacing with a user. The gateway device 102 also includes a radiocommunications transceiver unit configured for radio frequencycommunication with the transceivers of the barrier operators 104, 106.The transceivers are configured for radio communication over a 915 MHzradio frequency band, which is a commonly used band in suchapplications, known to provide a range of up to approximately 50 m, andadapted to support rolling code communications.

As an alternative to conventional 915 MHz radio frequency communication,the gateway device 102 may be connectable to the barrier operators 104,106 through other protocols, such as Wi-Fi, Bluetooth, wired Ethernet,RFID, NFC and USB.

Gateway device 102 includes a microcontroller in communication with theradio transceiver unit, the microcontroller including an integratedFLASH memory. The firmware for the operation of the gateway device isinstalled on the microcontroller.

During initial setup of the system 100, the barrier operators 104, 106are registered with the gateway device 102. The gateway device cancreate a temporary Wi-Fi hotspot to allow an installer to access thegateway device using her own mobile device. The installer can be grantedtemporary and limited administrator privileges for the duration of theinstallation. The administrator privileges are revoked after theinstallation is complete.

The registration can be carried out in a number of ways. The barrieroperator 104, 106 can be registered with the gateway device 102 bymanually entering a unique ID such as a serial number of the transceiverassociated with the barrier operator 104, 106 into the gateway device102, either through the touchscreen, mobile application or online webserver 112. Each barrier operator is assigned a unique 32 bit serialnumber during manufacture, which is used to address the barrieroperator. Alternatively, the unique ID associated with the transceiverof each barrier operator 104, 106 can be automatically captured by thegateway device 104, 106, for example by using an infrared scanner, QRcode or NFC scanner. Once the unique ID is captured by the gatewaydevice 102, the respective operator 104, 106 may confirm registration bysending a confirmation signal to the gateway device 102. Theconfirmation signal may be sent after a push button on the transceiverof the respective operator 104, 106 is pushed, or a confirmationpassword is sent by the gateway device transceiver 102 to thetransceiver of the barrier operator 104, 106 and validated.

Alternatively, the barrier operator can be registered with the gatewaydevice by the gateway device first sending a password to the barrieroperator along with the barrier operator's serial number. If thetransmitted password matches the password for the barrier operator, thebarrier operator sends a registration request for the barrier operatorto the gateway device. The gateway device then registers the barrieroperator. The use of the password is to ensure that an incorrect barrieroperator is not registered with the gateway device, such an event beingat risk of occurring when simultaneous registrations are being performedwithin radio range of each other.

Following a successful registration of barrier operator 104, 106 withgateway device 102, the barrier operator's operating characteristics andcapabilities are transferred to the gateway device (ie. a profilecontaining that information is communicated thereto). Characteristicsincluding model number, firmware version, and details of the barrieroperator's capabilities (such as the commands it accepts and the classesof devices—eg. lights, electric locks and photoelectric beams—that canbe connected) are thus provided to the gateway device 102. As describedbelow, transferring this information to the gateway device allows it toeffectively function as a ‘virtual barrier operator’.

The transceiver unit of the gateway device 102 includes memory forstoring rolling code counters, unique IDs of the transceivers of thebarrier operators 102, 104 registered with the gateway device 102, aunique ID of the gateway device 102 itself, and one or more encryptionkeys.

During initial setup, the mobile device 108 is also registered with thesystem 100 by registering with the gateway device 102 and the online webserver 112. Further detail regarding the registration process isdiscussed later with reference to FIG. 2.

Transmission of the barrier operator's characteristics and capabilitiesto the gateway device 102 allows configuration of the barrier operator'soperating parameters via the touchscreen display (if provided) or mobileapplication. Operating parameters can be initially configured duringsetup, and also changed during maintenance and repair. By way ofexample, operating parameters include open and close travel limitpositions for each barrier, timers for peripheral devices such aslights, part open position (e.g. prescribed barrier position for petentry, pedestrian entry, parcel delivery, ventilation, etc).

Transmission of the barrier operator's characteristics and capabilitiesto the gateway device 102 also allows for the creation of an accurateand detailed display of the barrier operator on the user interface ofthe mobile application. Specifically, the user interface is populatedwith data that accurately encapsulates the actual functions of thebarrier operator that is being monitored and controlled through thegateway device.

Moreover, the characteristic and capability data is a rich source ofinformation for configuring the degree of remote operation and controlthat is to be permitted. For example, for barrier operators that includea photoelectric beam (details of which are transmitted to the gatewaydevice as part of the characteristic and capability data) can beconfigured to allow for remote monitoring, but not for remote control.

The gateway device is also configured to provide a service menu forservice technicians of the barrier operators 104, 106. The service menuallows the technician to log in to a service account when performing aservice on the barrier operators 104, 106 such that each service iselectronically logged in the gateway device 102. In addition, thegateway device is further configured to generate reminders for upcomingscheduled service dates for the barrier operators 104, 106.

The gateway device 102 is further configured to keep an event log of allcontrol events executed by each barrier operator 104, 106 with the timeand date of event execution. For example, a control event may be ‘garagedoor closed by Bob at 10:45 am 3 Jul. 2014’. The event log can provideuseful diagnostics information to a service technician duringmaintenance and/or repair. Moreover, the gateway device 102 isconfigured to send push notifications to the mobile device 108 so as toalert the user, for example, of the execution of an event, or a servicereminder. The raw data received from the gateway device 102 isconveniently re-written into a more human-understandable form beforebeing included in push notifications.

Gateway device 102 can be used to store and program sequences of actionsor ‘themes’ (e.g. gate and garage opens at the same time; gate opens anddriveway lighting turns on at the same time). Conveniently, the user ofeach registered mobile device 108 can store their own personal themes onthe gateway device 102. The themes can be conveniently generated fromthe configuration and capability data that is delivered to the gatewaydevice from the barrier operator.

Gateway device 102 can send push notifications to mobile devices 108,for example to notify the smart phone user when an event has occurred(e.g. ‘garage door opened by Bob at 10:45 am 3 Jul. 2014’).

The Mobile Device

The mobile application installed on the mobile device 108 generates acontrol interface based on the settings of the gateway device 102. Inparticular, the mobile application includes a control functionassociated with each barrier operator 104, 106. The mobile applicationgenerates an interface based on the barrier operators 104, 106 which areregistered with the gateway device 102. For example, the mobileapplication includes a first control function and interface associatedwith barrier operator 104 (being a gate operator), and a second controlfunction and interface associated with barrier operator 106 (being agarage door operator). Once the barrier operators 104, 106 areregistered with the gateway device 102, and the mobile device 108 isalso registered with the system 100, the control interfaces aregenerated based on the control functions for the registered barrieroperators 104, 106.

Gateway device 102 can send push notifications to mobile device 108, forexample to notify the mobile device user when an event has occurred(e.g. ‘garage door opened by Bob at 10:45 am 3 Jul. 2014’).

The wireless application interface is automatically populated based onthe type and number of operators and peripheral devices that arecontrolled at each location and on the current access privileges for thegateway device 102.

The information stored on the gateway device 102 is used to control thecontent of the wireless application interface. For example, forembodiments where an animation of the barrier operator is displayed onthe interface of the wireless application, any data that is required todrive the animation, is supplied from the gateway device 102. Thesupplied data can be processed through a timer that is built into thewireless application. However, the interface itself does not haveknowledge of the control and monitoring functions behind the display.This removes the requirement of how to remotely control a device fromthe wireless application and frees the control from the logic of theapplication's interface.

Registering a Mobile Device

A method 200 for registering a mobile device 108 with the system 100will now be explained with reference to FIG. 2. Access to the system forthe purpose of registering mobile devices is through the Wi-Fi networkor alternatively remotely through the Internet 114.

At step 202, a new user account for the gateway device 102 is createdwith a password. The password is cryptographically hashed and saved onthe gateway device 102. Once saved in this format, the gateway device102 no longer has a copy of the plaintext password and the saved datacannot be used to recover the original text. However, thecryptographically hashed password still allows the gateway device 102 toverify whether a received password matches the original.

Once installed on the mobile device, the mobile application searches forgateway devices on the Wi-Fi network to which it can be registered.Then, at step 204, the user enters the same password into the mobileapplication on the mobile device 108. The password entered into themobile application is then sent to the gateway device 102 over a secureHTTPS connection. Once the username and password are received by thegateway device 102, the plain text password is hashed and verifiedagainst the corresponding stored hash of password.

At step 206, the gateway device 102 generates a set of user credentialsto identify the mobile device 108 and sends the credentials to themobile application.

At step 208, the gateway device 102 applies a hashing function to thecredentials and sends (synchs) the hashed credentials to the web server112. Once the online web server 112 receives the relevant usercredentials, the mobile device 108 is successfully registered and theuser can login locally or remotely using the registered mobile device108 to send control signals to the gateway device 102.

In one embodiment, once the mobile device 108 is registered, thepassword is used for logging onto the gateway device and/or web server.

A further method for registering a mobile device 108 with the systemproceeds broadly as follows:

-   -   1. Create new user on base station 102 with password;    -   2. Generate mobile app credentials and one-time use code on base        station 102;    -   3. Enter one-time use code and password into mobile app on        device 108, and    -   4. Transmit credentials to mobile app.

More specifically, at step 1, a new user account for the gateway device102 is created with a password. The password is cryptographically hashedand saved on the gateway device 102.

At step 2, the gateway device generates the credentials for the mobileapplication and a one-time use access code is generated. In oneembodiment this one-time use access code is emailed to the user.

At step 3, the user enters the one-time use access code and passwordinto the mobile app. These are transmitted to the gateway device and/orweb server.

At step 4, the gateway device 102 and or web server 112 authorizes theone-time use access code and password. Once authorized, the credentialsare transmitted to the mobile application and the mobile device 108 issuccessfully registered, and the user can login locally or remotelyusing the registered mobile device 108 to send control signals to thegateway device 102.

As with method 200, once the mobile device 108 is registered, thepassword is used for logging onto the gateway device and/or web server.

Remotely Controlling the Barrier Operator

A method 300 of using a registered mobile device 108 to control abarrier operator using the system 100 will now be explained withreference to FIG. 3.

At step 302, once the user has entered his password into the mobileapplication in order to access the web server 112 or gateway device 102,the mobile application sends the credentials to the relevant entity (i.eserver 112 or gateway device 102).

At step 304, a hashing function is applied to the credentials and thehashed value is compared with the corresponding stored hashedcredentials for the mobile device 108.

At query step 306, if the hashed credentials match the stored hashedcredentials, the user is verified and the method 300 proceeds to step310. If the hashed credentials do not match the stored hashedcredentials, the user is not verified and the method 300 ends.

At step 310, the user uses the mobile application to send a controlsignal (e.g. open barrier 1) to the gateway device 102. The mobileapplication sends the control signal, along with selected credentialsand a timestamp (e.g. in UTC). As the request is timestamped, validrequests cannot be replayed over time, and there is an ability to rejectcommands if they are not in a valid timeframe.

The web server 112 does not check the authenticity of the control signaland does not generate a valid control signal independently of aregistered device. This ensures that if the web server's security iscompromised, the gateway device 102 can still verify that the messageoriginated from a registered mobile device 108.

At step 312, once the data is received by the gateway device 102, thegateway device 102 performs its own authentication of the credentials.If the authentication is unsuccessful, the method 300 process ends.

At step 316, the gateway device 102 sends the control signal to thebarrier operator 104 to open barrier 1.

In the system 100, the password of the mobile device user is not savedon the online web server 112. Accordingly, the password cannot beobtained by an unauthorised third party via the online web server 112 toaccess the gateway device 102 and control the barrier operators 104,106.

Moreover, only a registered mobile device 108 can gain access to theonline web server 112 and gateway device 102. In the event that anunauthorised third party obtains the password, the unauthorised thirdparty would not be able to access the system 100 using an unregisteredmobile device that has the mobile application installed.

Whilst the system 100 illustrates an embodiment in which only one mobiledevice 108 is shown, it will be understood that the system 100 isconfigured to permit registration of multiple mobile devices. Eachmobile device can be registered using the method 200 as previouslydescribed, and each mobile device will transmit control signals to thegateway device 102 in the manner described in method 300.

Different mobile devices registered with the gateway device 102 can beconfigured using the gateway device 102 to have different accessprivileges. For example, one mobile device may only have accessprivileges to transmit control signals to barrier operator 104, and onemobile device may only have access privileges to transmit controlsignals to barrier operator 106. This feature can be useful in largeindustrial facilities in which many barrier operators and mobile devicesregistered can be registered with a gateway device, not all personnelwill have full access to the facility, and this corresponding mobiledevices for each personnel can be set up with different accessprivileges.

Communication Protocols

The gateway device 102 communicates with the barrier operators 104, 106using multiple channel radio communication in the 915 MHz band. Beforetransmitting a control signal to a barrier operator 104, 106, thetransceiver of the barrier operator 104, 106 selects a channel atrandom, listens for activity on the channel, and determines whether towait until the channel is clear or select a different channel fortransmitting the control signal. Once the control signal is sent, thetransceiver listens for an acknowledgment from barrier operator 104, 106transceiver on the same channel. If no acknowledgement is received, thegateway device 102 transceiver selects a randomised time to re-transmitthe control signal and listens for acknowledgement. If all transmissionsfail, the gateway device 102 transceiver generates an error messagenotifying the gateway device 102 that the control signal could not besent.

If the barrier operator 104, 106 receives the same control signal morethan once because an acknowledgement was not received by the gatewaydevice 102 transceiver for a previous transmission attempt, the barrieroperator 104, 106 continues to acknowledge the repeated control signalsbut does not execute the control signal a second time.

Each transmitted control signal uses a new rolling code counter value.The system 100 uses encryption with rolling code counters of suitablebit-depth for communication with the barrier operators 104, 106.

Transmission of data from the barrier operators 104, 106 to the gatewaydevice 102, and communication between a transmitter 116, 118 with arespective barrier operator 104, 106 are also carried out in the samemanner. In particular, each transceiver (e.g. this can be transceiver ofthe barrier operator 104, 106, gateway device 102 or transmitters 116,118) maintains a rolling code counter for both incoming and outgoingpackets for each transceiver it is registered with.

Each transceiver has a unique identifier, and when two transceivers areregistered to one another, the unique identifier of each transceiver isknown to the other transceiver. In this manner, the transceiver willonly process a command received from another transceiver with which itis registered.

The tablet device associated with gateway device 102 includes a USBport, suitable drivers and application software and communicates with aUSB host provided in gateway device 102. Communication between thetablet device (if one is used) and the gateway device may alternativelybe by way of any suitable protocol. When USB is used, the USBapplication software manages the initial USB connection as well as beingresponsible for USB packet formatting and processing.

In the illustrated embodiment, the gateway device transceiver forms thecentre hub of a star network of WDN devices. The gateway devicetransceiver routes commands received from the tablet device either toits own internal command processor, or translates the commands fortransmission to a barrier operator 104, 106 via the WDN. The gatewaydevice transceiver also receives wireless device network packets fromcontrolled and/or monitored devices 104, 106 and routes them either toits internal command processor or translates them for transmissionelsewhere.

Another convenient function enabled by the virtual barrier operator isthe ability for a physical barrier operator to receive a command from atransmitter 116, 118 and pass the command on the gateway device 102 foractioning (with or without performing an action on the barrieroperator). For example, the transmitter can be programmed (through thegateway device 102) to perform an action (for example to turn on a lightor unlock a door) on any other device that is communication with thegateway device 102. The gateway device 102 can also be configured toforward a push notification or email to the mobile device when itreceives such a transmission from the transmitter 116, 118.

An example user interface for a wireless application that is installedon mobile device 108 is illustrated in FIGS. 4A to 4H. Moreparticularly, FIGS. 4A and 4C illustrate the interface display of agarage door connected to barrier operator 106 respectively in a closedand open position. From the closed position, the user of mobile device108 can issue a control signal to the barrier operator 106, by pressingthe ‘up arrow’ button shown In FIG. 4A. In the case of a remoteconnection, this action causes the command signal to be transmitted frommobile device 108 through the Internet 114 to web server 112. Asdescribed above, command signals received at web server 112 are relayed(again through the Internet 114) to the gateway device 102 forauthentication and actioning. Once received and authenticated at gatewaydevice 102, the command is transmitted to barrier operator 106 via theWDN network. Barrier operator 108 executes the command (in this case toopen the garage door) upon receipt.

Immediately after the ‘close door’ command is executed by barrieroperator 106, a monitoring signal is sent from barrier operator togateway device 102 to indicate that the command has been executed.Gateway device 102 then sends basic status information (as opposed toreal time data as to the position of the garage door) regarding theactivated command to mobile device 108 to drive an animation displayedin the wireless application's user interface. In the case of a ‘closedoor’ command, the status information is: starting position, directionand speed of the garage door. This information is sufficient to generatethe animation illustrated in FIG. 4D, which shows the garage door movingfrom a closed to an open position in approximately the same timeframe asthe closing of the garage door being controlled.

Different items of status information are appropriately transmitted tothe mobile device 108 depending on the command that is activated. Thealgorithm that executes on the mobile device 108 to display theanimation (using the status information as input) can be specificallytailored to each barrier operator 106, using the operator's specificconfiguration data that is supplied to the gateway device 102.

The user interface can also communicate detailed information about thecircumstances in which a command was executed on the barrier operator.For example, the interface can indicate whether a close command wasexecuted in response to an auto-close setting, or in response to acommand received through the web server, home network, gateway device,transmitter or directly through the barrier operator.

An equivalent process and data flow is used to generate the animation ofthe garage door moving from an open to a closed position, as illustratedin FIG. 4B.

FIG. 4E illustrates the interface display of the various functionsdescribed above available from the wireless application, namely:ventilation, parcel, pet, light, auxiliary, vacation and phone.

FIG. 4G illustrates the log-in screen that requires the entry of apassword to access the online web server and/or gateway device 102. FIG.4F illustrates the interface display of the remote control system inwhich access from mobile device 108 and transmitter 116 has beendisabled, whereas FIG. 4H shows an interface display indicating alow-battery status for a connected lock.

Reference throughout this specification to ‘one embodiment’ or ‘anembodiment’ means that a particular feature, structure, orcharacteristic described in connection with the embodiment is includedin at least one embodiment of the present invention. Thus, theappearance of the phrases ‘in one embodiment’ or ‘in an embodiment’ invarious places throughout this specification are not necessarily allreferring to the same embodiment. Furthermore, the particular features,structures, or characteristic described herein may be combined in anysuitable manner in one or more combinations.

The word ‘comprising’ and forms of the word ‘comprising’ as used in thisdescription do not limit the invention claimed to exclude any variantsor additions.

Modifications and improvements to the invention will be readily apparentto those skilled in the art. Such modifications and improvements areintended to be within the scope of this invention.

1-21. (canceled)
 22. A gateway device for remote monitoring and controlof a barrier operator, the device including: a processor; a data storagedevice; a network interface for connecting the gateway device to acomputer network; an operator interface for communicating with thebarrier operator; and a computer program, which when executed on theprocessor: permits access to the gateway device over the computernetwork; transmits control signals received over the computer network tothe barrier operator; and a computer program, which when executed on theprocessor: permits access to the gateway device over the computernetwork transmits control signals received over the computer network tothe barrier operator; receives monitoring signals from the barrieroperator; and executes a security algorithm requiring a client device toregister with the gateway device prior to said client device beingpermitted to access the gateway device over the computer network.
 23. Agateway device according to claim 22, wherein the computer program isoperable to authenticate the control signals before transmitting to thebarrier operator.
 24. A gateway device according to claim 23, whereinthe control signals include a time stamp and the computer program isoperable to reject control signals that are received outside of apermitted timeframe.
 25. A gateway device according to claim 22, whereinregistration of the client device is effected by storage on the gatewaydevice of a unique client device identifier.
 26. A gateway deviceaccording to claim 25, wherein the client device identifier is alsostored on a remote Internet server in association with a unique gatewaydevice identifier.
 27. A gateway device according to claim 22, whereinthe security algorithm is operable to transmit authenticationcredentials to the client device during registration of the clientdevice, the authentication credentials being stored on the gatewaydevice and client device and being suitable for use by the client deviceto access the gateway device.
 28. A gateway device according to claim27, wherein the control signals received over the computer network fromthe client device include the authentication credentials, the computerprogram being operable to authenticate the control signals using theauthentication credentials.
 29. A gateway device according to claim 27,wherein the authentication credentials are transmitted to the clientdevice along with the unique client device identifier and the uniquegateway device identifier.
 30. A gateway device according to claim 26,wherein at least a subset of the authentication credentials aretransmitted to the Internet server from the gateway device after theclient device is registered with the gateway device.
 31. A gatewaydevice according to claim 22, wherein the computer program includes amodule operable to receive and store data from the barrier operatorpertaining to the barrier operator's operating characteristics.
 32. Agateway device according to claim 22, wherein the gateway device iscommunicable with a remote Internet server that is operable to mirrorthe state of the barrier operator.
 33. A gateway device according toclaim 22, wherein the operator interface provides for wirelesscommunication with the barrier operator via radio communication.
 34. Agateway device according to claim 33, wherein the operator interfaceincludes a wireless transceiver unit including memory storing one ofmore of: rolling code counters, one or more unique IDs of transceiversof one or more barrier operators registered with the gateway device, aunique ID of the gateway device, and one or more encryption keys.
 35. Agateway device according to claim 22, wherein the computer program isconfigured to store an event log of monitoring signals detailing controlevents executed by the barrier operator.
 36. A gateway device accordingto claim 35, wherein the gateway device is operable to sendnotifications to the client device based on the event log.
 37. A gatewaydevice according to claim 22, wherein the gateway device is operable toreceive a command emanating from a remote control device and relayed byway of the barrier operator.
 38. A remote monitoring and control system,comprising: a gateway device in according to claim 22; and one or morebarrier operators in communication with the gateway device.
 39. A remotemonitoring and control system according to claim 38, further including amobile application installable on a client device, the mobileapplication being operable to generate a control interface based onsettings of the gateway device.
 40. A remote monitoring and controlsystem according to claim 38, further including a server devicecommunicatively coupled to the gateway device through the Internet, theserver device being operable to allow client devices to securely accessthe gateway device.
 41. A method for remotely monitoring and controllingone or more barrier operators, the method comprising the steps of:providing a gateway device according to claim 22; and acceptingregistration of the barrier operator with the gateway device.